Wednesday, April 18, 2012

Anonymous is currently conducting a two-stage attack on businesses and advocacy groups supporting the Cyber Intelligence Sharing and Protection Act (CISPA). Two technology trade associations said they were targeted by the hacker-activist group Anonymous as it singled out supporters of proposed legislation to improve U.S. cyber-security.

The hacker group Anonymous claimed responsibility for taking down the websites of USTelecom and Tech America, which both back the Cyber Intelligence Sharing and Protection Act of 2011. Both sites remained unreachable as of Monday afternoon.

The attacks began yesterday when users were unable to log onto the sites. USTelecom represents telecom companies, including AT&T, Verizon, and CenturyLink; and TechAmerica's members include tech companies such as IBM, Microsoft, and Apple.

A Twitter account called @Anon_Central yesterday called the Rogers bill “draconian” and posted a link to groups and companies supporting the legislation.

Anonymous posted a YouTube video showing US Telecom's site down Sunday, and the site was down for about 24 hours, according to a USTelecom spokesman. Anonymous on Friday released a YouTube video threatening supporters of the Cyber Intelligence Sharing and Protection Act, a bill focused on encouraging U.S. government agencies and private businesses to trade information about cyber-attacks.

Lawmakers say the goal of CISPA is to help companies beef up their defenses against hackers who steal business secrets, rob customer financial information and wreak havoc on computer systems.

The bill would tear down legal barriers that discourage companies from sharing information about cyberattacks. But privacy advocates warn the legislation could lead companies to share private user information with federal spy agencies. The House is expected to vote on the cybersecurity measure on the week of April 23.

Hacker group Anonymous also claimed to have taken down the CIA website for the second time in two months following a new DDoS attack on the U.S. secret service which lasted 45 minutes. Anonymous is reportedly on a DDoS rampage today, downing the CIA, Department of Justice, and two MI6 websites.

Members of the group claimed responsibility throughout Facebook and Twitter. Brazilian hacktivist Havittaja reportedly launched the initial offensive on the DoJ and CIA for “lulz” while other members jumped on board a short time later.

The technique also known as a DDoS (distributed denial-of-service) attack, is a concentrated effort by multiple individuals to make a network busy to its intended users. The end result is server overload. Anonymous makes a freeware tool available to its members to carry out these attacks, which it calls the Low Orbit Ion Cannon.

The collective targeted the department of justice in January as part of Operation Megaupload, in a retaliatory attack against the US government's decision to close the popular file-sharing site.

Starting on Monday, a variety of organizations, including the Electronic Frontier Foundation, the American Civil Liberties Union, the Center for Democracy and Technology, The Constitution Project, Demand Progress, Engine Advocacy, Fight for the Future, Free Press, Reporters Without Borders, Techdirt, and TechFreedom plan to launch a “week of action” campaign against CISPA, a bill they believe remains dangerously broad in its language, which could result in abuse by the government, and damages to our civil liberties.

While many are comparing CISPA to the Stop Online Piracy Act (SOPA), the two bills are entirely different for a number of reasons.

First, CISPA is a cybersecurity bill that pertains to the sharing of information between the government and private companies. SOPA was an anti-piracy bill that sought to block access to “foreign rogue” websites that illegally distributed copyrighted material.

Second, SOPA was opposed by many of the technology and Internet industry’s biggest players. CISPA, on the other hand, effectively has the support of hundreds of technology and Internet companies — a key difference that could drastically affect whether the anti-CISPA crowd can successfully block passage of the bill.

To give you a full picture of just how much political firepower the CISPA has in Congress, we’ve listed most, if not all, of the companies and organizations that have voiced either direct support for CISPA (by writing a letter, or otherwise expressing support for this specific bill), or indirect support through the direct support of a trade group.

The organizations or companies listed in bold have voiced direct support. Those companies not in bold have not necessarily given direct support (though quite a few have), but have supported the bill through the trade group, which is listed in bold.

The links go to the .pdf files of the letters the company sent to the House Intelligence Committee to express their support of CISPA. As you can see, the list of CISPA supporters is massive, and should give anyone who thinks this will be an easy political fight a dose of reality. Not that CISPA can’t be stopped but, well, scroll down and you’ll see what we mean.